Lumma infostealer malware operation disrupted, 2,300 domains seized
Published on: 2025-06-28 19:00:00
Earlier this month, a coordinated disruption action targeting the Lumma malware-as-a-service (MaaS) information stealer operation seized thousands of domains and part of its infrastructure backbone worldwide.
This effort involved multiple tech companies and law enforcement authorities, resulting in Microsoft's seizure of approximately 2,300 domains after legal action against the malware on May 13, 2025.
At the same time, the Department of Justice (DOJ) disrupted marketplaces where the malware was rented to cybercriminals by seizing Lumma's control panel, while Europol's European Cybercrime Center (EC3) and Japan's Cybercrime Control Center (JC3) helped to seize Lumma's infrastructure based in Europe and Japan.
"Between March 16, 2025, and May 16, 2025, Microsoft identified over 394,000 Windows computers globally infected by the Lumma malware. Working with law enforcement and industry partners, we have severed communications between the malicious tool and victims," said Steven Masada